<?php

if (!defined('IN_DISCUZ')) {
    exit('Access Denied');
}
include DISCUZ_ROOT . './source/plugin/qu_app/ainuo.php';
require_once libfile('function/portalcp');
$op = in_array($_GET['op'], array(0 => 'style', 1 => 'diy', 2 => 'image', 3 => 'export', 4 => 'import', 5 => 'blockclass')) ? $_GET['op'] : '';
if (submitcheck('uploadsubmit')) {
    $topicid = intval($_POST['topicid']);
    if ($topicid) {
        $topic = C::t('portal_topic')->fetch($topicid);
        if (empty($topic)) {
            topic_upload_error('diy_topic_noexist');
        }
    }
    topic_checkperm($topic);
    $upload = new discuz_upload();
    $upload->init($_FILES['attach'], 'portal');
    $attach = $upload->attach;
    if (!$upload->error()) {
        $upload->save();
    }
    if ($upload->error()) {
        topic_upload_error($attach, $upload->error());
    } else {
        if ($attach['isimage']) {
            require_once libfile('class/image');
            $image = new image();
            $attach['thumb'] = $image->Thumb($attach['target'], '', 80, 50);
        }
        if (getglobal('setting/ftp/on')) {
            if (ftpcmd('upload', 'portal/' . $attach['attachment'])) {
                if ($attach['thumb']) {
                    ftpcmd('upload', 'portal/' . getimgthumbname($attach['attachment']));
                }
                $attach['remote'] = 1;
            } else {
                if (getglobal('setting/ftp/mirror')) {
                    unlink($attach['target']);
                    error_reporting(0);
                    unlink(getimgthumbname($attach['target']));
                    error_reporting(0);
                    topic_upload_error($attach, 'diy_remote_upload_failed');
                }
            }
        }
        $setarr = array('uid' => $_G['uid'], 'username' => $_G['username'], 'filename' => $attach['name'], 'filepath' => $attach['attachment'], 'size' => $attach['size'], 'thumb' => $attach['thumb'], 'remote' => $attach['remote'], 'dateline' => $_G['timestamp'], 'topicid' => $topicid);
        $setarr['picid'] = C::t('portal_topic_pic')->insert($setarr, true);
        topic_upload_show($topicid);
    }
} else {
    if (submitcheck('diysubmit')) {
        require_once libfile('function/portalcp');
        require DISCUZ_ROOT . './source/function/function_home.php';
        $tpldirectory = getstr($_POST['tpldirectory'], 80);
        $template = getstr($_POST['template'], 50);
        if (dsign($tpldirectory . $template) !== $_POST['diysign']) {
            showmessage($tpldirectory . $template);
        }
        $tpldirectory = $tpldirectory ? $tpldirectory : $_G['cache']['style_default']['tpldir'];
        $savemod = getstr($_POST['savemod'], 1);
        $recover = getstr($_POST['recover'], 1);
        $optype = getstr($_POST['optype'], 10);
        tpl_checkperm($template);
        list($template, $clonefile) = explode(':', $template);
        list($mod, $file) = explode('/', $template);
        $targettplname = $template;
        if ($savemod == 1 && !empty($clonefile)) {
            $targettplname = $template . '_' . $clonefile;
        }
        $isarticle = false;
        $iscategory = $isarticle;
        $istopic = $iscategory;
        if ($istopic || $iscategory || $isarticle && !strpos($template, ':') === false) {
            list($tpldirectory, $template) = explode(':', $template);
        }
        $checktpl = checkprimaltpl($tpldirectory . ':' . $template);
        if ($checktpl !== true) {
            showmessage($checktpl);
        }
        if ($optype == 'canceldiy') {
            unlink(DISCUZ_ROOT . './data/diy/' . $tpldirectory . '/' . $targettplname . '_diy_preview.htm');
            error_reporting(0);
            if ($targettplname == $template) {
                unlink(DISCUZ_ROOT . './data/diy/' . $tpldirectory . '/' . $targettplname . '_' . $clonefile . '_diy_preview.htm');
                error_reporting(0);
            }
            showmessage('do_success');
        }
        if ($recover == 1) {
            $file = './data/diy/' . $tpldirectory . '/' . $targettplname . '.htm';
            if (is_file($file . '.bak')) {
                copy($file . '.bak', $file);
            } else {
                showmessage('diy_backup_noexist');
            }
        } else {
            $templatedata = array();
            checksecurity($_POST['spacecss']);
            $templatedata['spacecss'] = preg_replace('/(\\<|\\>)/is', '', $_POST['spacecss']);
            $style = empty($_POST['style']) ? '' : preg_replace('/[^0-9a-z]/i', '', $_POST['style']);
            if ($style) {
                $cssfile = DISCUZ_ROOT . './static/topic/' . $style . '/style.css';
                if (!file_exists($cssfile)) {
                    showmessage('theme_does_not_exist');
                } else {
                    $templatedata['style'] = 'static/topic/' . $style . '/style.css';
                }
            }
            $layoutdata = getstr($_POST['layoutdata'], 0, 0, 0, 0, 1);
            require_once libfile('class/xml');
            $templatedata['layoutdata'] = xml2array($layoutdata);
            if (empty($templatedata['layoutdata'])) {
                showmessage('diy_data_format_invalid');
            }
            $r = save_diy_data($tpldirectory, $template, $targettplname, $templatedata, true, $optype);
            include_once libfile('function/cache');
            updatecache('diytemplatename');
            if ($r && $optype != 'savecache') {
                if (!$iscategory && !$istopic) {
                    $delfile = DISCUZ_ROOT . './data/diy/' . $tpldirectory . '/' . $template . '_' . $clonefile . '.htm';
                    if (file_exists($delfile)) {
                        unlink($delfile);
                        unlink($delfile . '.bak');
                        error_reporting(0);
                        C::t('common_template_block')->delete_by_targettplname($template . '_' . $clonefile, $tpldirectory);
                        C::t('common_diy_data')->delete($template . '_' . $clonefile, $tpldirectory);
                        include_once libfile('function/cache');
                        updatecache('diytemplatename');
                    }
                }
            }
        }
        $tourl = empty($_POST['gobackurl']) || strpos($_POST['gobackurl'], 'op=add') != false || strpos($_POST['gobackurl'], '&diy=yes') != false ? str_replace('&diy=yes', '', $_SERVER['HTTP_REFERER']) : $_POST['gobackurl'];
        $tourl = preg_replace('/[\\?|&]preview=yes/', '', $tourl);
        showmessage('do_success', $tourl, array('rejs' => $_POST['rejs']));
    }
}
if ($op == 'blockclass') {
    loadcache('blockclass');
} else {
    if ($op == 'style') {
        if (!$_G['group']['allowmanagetopic'] && !$_G['group']['allowdiy']) {
            showmessage('group_nopermission', NULL, array('grouptitle' => $_G['group']['grouptitle']), array('login' => 1));
        }
        $themes = gettheme('topic');
    } else {
        if ($op == 'diy' || $op == 'image') {
            $topicid = intval($_GET['topicid']);
            $topic = C::t('portal_topic')->fetch($topicid);
            topic_checkperm($topic);
            $perpage = 6;
            $page = max(1, intval($_GET['page']));
            $start = ($page - 1) * $perpage;
            $list = array();
            if ($topicid) {
                $count = C::t('portal_topic_pic')->count_by_topicid($topicid);
                if (!empty($count)) {
                    C::t('portal_topic_pic')->fetch_all_by_topicid($topicid, $start, $perpage);
                    foreach (C::t('portal_topic_pic')->fetch_all_by_topicid($topicid, $start, $perpage) as $value) {
                        $value['pic'] = pic_get($value['filepath'], 'portal', $value['thumb'], $value['remote']);
                        $list[] = $value;
                    }
                }
                $multi = multi($count, $perpage, $page, 'portal.php?mod=portalcp&ac=diy&op=image&topicid=' . $topicid);
            }
        } else {
            if ($op == 'delete') {
                $topicid = intval($_GET['topicid']);
                $topic = C::t('portal_topic')->fetch($topicid);
                topic_checkperm($topic);
                $picid = intval($_GET['picid']);
            } else {
                if ($op == 'export') {
                    if (submitcheck('exportsubmit')) {
                        $tpl = $_POST['tpl'];
                        $tpldirectory = $_POST['tpldirectory'];
                        $frame = $_POST['frame'];
                        $type = $_POST['type'];
                        if (!empty($tpl)) {
                            tpl_checkperm($tpl);
                            list($tpl, $id) = explode(':', $tpl);
                            $tplname = $id ? $tpl . '_' . $id : $tpl;
                            $diydata = C::t('common_diy_data')->fetch($tplname, $tpldirectory);
                            if (empty($diydata) && $id) {
                                $diydata = C::t('common_diy_data')->fetch($tpl, $tpldirectory);
                            }
                            if ($diydata) {
                                $filename = $diydata['targettplname'];
                                $diycontent = dunserialize($diydata['diycontent']);
                                if (empty($diycontent)) {
                                    showmessage('diy_no_export_data');
                                }
                                if ($frame) {
                                    $area = '';
                                    $filename = $frame;
                                    $framedata = array();
                                    foreach ($diycontent['layoutdata'] as $key => $value) {
                                        $framedata = getobjbyname($frame, $value);
                                        if ($framedata) {
                                            $area = $key;
                                            getframeblock(array($framedata['type'] . '`' . $frame => $framedata['content']));
                                        } else {
                                            continue;
                                        }
                                    }
                                } else {
                                    foreach ($diycontent['layoutdata'] as $key => $value) {
                                        if (!empty($value)) {
                                            getframeblock($value);
                                        }
                                    }
                                }
                                $diycontent['blockdata'] = block_export($_G['curtplbid']);
                                if ($frame) {
                                    $diycontent['spacecss'] = getcssdata($diycontent['spacecss']);
                                    $diycontent['layoutdata'] = array();
                                    $area = empty($area) ? 'diy1' : $area;
                                    $diycontent['layoutdata'][$area][$framedata['type'] . '`' . $frame] = $framedata['content'] ? $framedata['content'] : array();
                                }
                                dheader('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
                                dheader('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
                                dheader('Cache-Control: no-cache, must-revalidate');
                                dheader('Pragma: no-cache');
                                dheader('Content-Encoding: none');
                                if ($type == 'txt') {
                                    $str = serialize($diycontent);
                                    dheader('Content-Length: ' . strlen($str));
                                    dheader('Content-Disposition: attachment; filename=' . $filename . '.txt');
                                    dheader('Content-Type: text/plant');
                                } else {
                                    require_once libfile('class/xml');
                                    $str = array2xml($diycontent, true);
                                    dheader('Content-Length: ' . strlen($str));
                                    dheader('Content-Disposition: attachment; filename=' . $filename . '.xml');
                                    dheader('Content-Type: text/xml');
                                }
                                echo $str;
                                exit(0);
                            } else {
                                showmessage('diy_export_no_data', '/');
                            }
                        } else {
                            showmessage('diy_export_tpl_invalid', '/');
                        }
                    }
                    showmessage('diy_operation_invalid', '/');
                } else {
                    if ($op == 'import') {
                        $tpl = $_POST['tpl'] ? $_POST['tpl'] : $_GET['tpl'];
                        tpl_checkperm($tpl);
                        if (submitcheck('importsubmit')) {
                            $isinner = false;
                            $filename = '';
                            if ($_POST['importfilename']) {
                                $filename = DISCUZ_ROOT . './template/qu_app/touch/diy/' . $_POST['importfilename'] . '.xml';
                                $isinner = true;
                            } else {
                                $upload = new discuz_upload();
                                $upload->init($_FILES['importfile'], 'temp');
                                $attach = $upload->attach;
                                if (!$upload->error()) {
                                    $upload->save();
                                }
                                if ($upload->error()) {
                                    showmessage($upload->error(), '', array('status' => $upload->error()));
                                } else {
                                    $filename = $attach['target'];
                                }
                            }
                            if ($filename) {
                                $arr = import_diy($filename);
                                if (!$isinner) {
                                    unlink($filename);
                                    error_reporting(0);
                                }
                                if (!empty($arr)) {
                                    $search = array(0 => '/\\<script/i', 1 => '/\\<\\/script\\>/i', 2 => "/\\r/", 3 => "/\\n/", 4 => '/(\\[script [^>]*?)(src=)(.*?\\[\\/script\\])/');
                                    $replace = array(0 => '[script', 1 => '[/script]', 2 => '', 3 => '', 4 => '$1[src=]$3');
                                    $arr['css'] = str_replace(array(0 => "\\r", 1 => "\\n"), array(0 => ''), $arr['css']);
                                    $jsarr = array('status' => 1, 'css' => $arr['css'], 'bids' => implode(',', $arr['mapping']));
                                    foreach ($arr['html'] as $key => $value) {
                                        $value = preg_replace($search, $replace, $value);
                                        $jsarr['html'][$key] = $value;
                                    }
                                    showmessage('do_success', 'portal.php', $jsarr);
                                } else {
                                    showmessage('do_success', 'portal.php', array('status' => 0));
                                }
                            }
                        }
                        $xmlarr = array();
                        if ($_GET['type'] == 1) {
                            $xmlfilepath = DISCUZ_ROOT . './template/qu_app/touch/diy/';
                            error_reporting(0);
                            if ($dh = opendir($xmlfilepath)) {
                                error_reporting(0);
                                $file = readdir($dh);
                                while ($file !== false) {
                                    if (fileext($file) == 'xml' && strstr(strtolower($file), CHARSET)) {
                                        $xmlarr[substr($file, 0, -4)] = getdiyxmlname($file, $xmlfilepath);
                                    }
                                }
                                closedir($dh);
                            }
                            arsort($xmlarr);
                        }
                    } else {
                        showmessage('undefined_action');
                    }
                }
            }
        }
    }
}
include_once template('portal/portalcp_diy');
function topic_upload_error($attach, $msg = '')
{
    echo '<script>';
    echo 'parent.document.getElementById(\'uploadmsg\').innerHTML = \'' . $attach['name'] . ' ' . lang('home/template', 'upload_error') . $msg . '\';';
    echo '</script>';
    exit(0);
}
function topic_upload_show($topicid)
{
    echo '<script>';
    echo 'parent.ajaxget("portal.php?mod=portalcp&ac=diy&op=image&topicid=' . $topicid . '&", "diyimages");';
    echo 'parent.document.uploadpic.attach.value = \'\';';
    echo 'Util.toggleEle(\'upload\')';
    echo '</script>';
    exit(0);
}
function tpl_checkperm($tpl)
{
    global $_G;
    list($file, $id) = explode(':', $tpl);
    if (!$_G['group']['allowdiy']) {
        showmessage('diy_nopermission');
    }
}
function category_checkperm($category)
{
    global $_G;
    if (empty($category)) {
        showmessage('topic_not_exist');
    }
    if ($_G['group']['allowdiy']) {
        return true;
    }
    if (!$_G['group']['allowdiy'] && (!$_G['group']['allowaddtopic'] || $_G['uid'] != $topic['uid'])) {
        showmessage('topic_edit_nopermission');
    }
}
function topic_checkperm($topic)
{
    global $_G;
    if (empty($topic)) {
        showmessage('topic_not_exist');
    }
    if (!$_G['group']['allowmanagetopic'] && (!$_G['group']['allowaddtopic'] || $_G['uid'] != $topic['uid'])) {
        showmessage('topic_edit_nopermission');
    }
}
function gettopictplname($topicid)
{
    $topicid = max(0, intval($topicid));
    $topic = C::t('portal_topic')->fetch($topicid);
    return !empty($topic) ? !empty($topic['primaltplname']) : (!empty($topic) ? $topic['primaltplname'] : getglobal('cache/style_default/tpldir') . ':portal/portal_topic_content');
}
function getportalcategorytplname($catid)
{
    global $_G;
    $catid = max(0, intval($catid));
    $category = $_G['cache']['portalcategory'][$catid];
    return !empty($category) ? !empty($category['primaltplname']) : (!empty($category) ? $category['primaltplname'] : getglobal('cache/style_default/tpldir') . ':portal/list');
}
function getportalarticletplname($catid, $primaltplname = '')
{
    if ($catid = intval($catid)) {
        if ($category = C::t('portal_category')->fetch($catid)) {
            $primaltplname = $category['articleprimaltplname'];
        }
        if (empty($primaltplname)) {
            $primaltplname = getglobal('cache/style_default/tpldir') . ':portal/view';
            C::t('portal_category')->update($catid, array('articleprimaltplname' => $primaltplname));
        }
    }
    return $primaltplname;
}
function getdiyxmlname($filename, $path)
{
    error_reporting(0);
    $content = file_get_contents($path . $filename);
    $name = $filename;
    if ($content) {
        preg_match("/\\<\\!\\-\\-\\[name\\](.+?)\\[\\/name\\]\\-\\-\\>/i", trim($content), $mathes);
        if (!empty($mathesb)) {
            preg_match('/^\\{lang (.+?)\\}$/', $mathes[1], $langs);
            if (!empty($langsb)) {
                $name = lang('portalcp', $langs[1]);
            } else {
                $name = dhtmlspecialchars($mathes[1]);
            }
        }
    }
    return $name;
}